QuantAMM
QuantAMM
49,600 OP
View results
Previous Next
Submission Details
Severity: low
Invalid

Lack of input validation for array length, MultiHopOracle.sol

hawks

Summary

The constructor does not check if _oracles.length > 0, allowing deployment with an empty array. This can lead to invalid contract states, runtime errors, or failures in functions that rely on oracles.

Vulnerability Details

Deploy the contract with an empty _oracles array, then call any function accessing oracles (e.g., oracles[0]), resulting in an out-of-bounds error.

  • Affected Areas: Constructor and any function depending on the oracles array.

constructor(HopConfig[] memory _oracles) {
for (uint i = 0; i < _oracles.length; i++) {
oracles.push(_oracles[i]);
}
}

Impact

Security Risks: Malicious actors could exploit the unvalidated state to disrupt contract behavior or cause denial of service.

Tools Used

Manual review

Recommendations

Add the below line to check for oracles length.

constructor(HopConfig[] memory _oracles) {
require(_oracles[i].length > 0, "Empty oracles array");
for (uint i = 0; i < _oracles.length; i++) {
oracles.push(_oracles[i]);
}
}
Updates

Lead Judging Commences

n0kto Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas / Admin is trusted / Pool creation is trusted / User mistake / Suppositions

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.